From 2684d4597b0b5cf8bfd6cc839d41ef5664340ddb Mon Sep 17 00:00:00 2001
From: Paul Colby <git@colby.id.au>
Date: Fri, 24 May 2024 15:51:59 +1000
Subject: [PATCH] Give CodeQL security-events write permission

---
 .github/workflows/static.yaml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/static.yaml b/.github/workflows/static.yaml
index 350fe1c4d..49a6bc3f1 100644
--- a/.github/workflows/static.yaml
+++ b/.github/workflows/static.yaml
@@ -7,6 +7,9 @@ permissions:
 
 jobs:
   CodeQL:
+    permissions:
+      contents: read
+      security-events: write
     if: github.actor != 'dependabot[bot]'
     runs-on: ubuntu-latest
     steps: